I have a bunch of apps in angular 1.x and no one on the company has any tribal knowledge on the way they were constructed.
So I am opting to use the CDN version of the Widget.
I have been following the docs on developer.okta.com
I setup a SPA app on the okta admin. It is using PKCE (kinda important for later on)
On my app, I am setting up Okta like this:
let oktaSignIn = new OktaSignIn({
baseUrl: "URL",
clientId: "ID",
authParams: {
issuer: "URL/oauth2/default",
responseType: ['token', 'id_token'],
display: 'page',
pkce: true,
redirectUri: 'http://localhost:8080/session/callback'
},
el: '#okta-login-container'
}
oktaSignIn.showSignInToGetTokens(
{
clientId: "ID",
pkce: true,
redirectUri: 'http://localhost:8080/session/callback',
getAccessToken: true,
getIdToken: true,
},
function success(res) {
console.log(res);
oktaSignIn.authClient.token.parseFromUrl(
function success(tokens) {
// Save the tokens for later use, e.g. if the page gets refreshed:
// Add the token to tokenManager to automatically renew the token when needed
tokens.forEach(token => {
if (token.idToken) {
signIn.tokenManager.add('idToken', token);
}
if (token.accessToken) {
signIn.tokenManager.add('accessToken', token);
}
});
// Say hello to the person who just signed in:
var idToken = signIn.tokenManager.get('idToken');
console.log('Hello, ' + idToken.claims.email);
// Remove the tokens from the window location hash
window.location.hash='';
});
},
function error(err) {
// handle errors as needed
console.error(err);
}
);
// });
}
}
So all that code does sign in and redirects to the callback no problem. The issue is that I am not getting any token back because I am getting this error as a fragment on the URL: error=unsupported_response_type&error_description=The+response+type+is+not+supported+by+the+authorization+server.+Configured+response+types%3A+%5Bcode%5D.
The thing is, I am not configuring the response type, if I do, the same error appears.
Bonus: the PKCE config on the widget is not picking up when I do a console.log(oktaSignIn),
oktaSignin.authClient.pkce = false
Anyone have any ideas on how I can get this to work?